Job Information
AIG Malaysia Chief Information Security Officer (CISO) in Kuala Lumpur, Malaysia
The Malaysia CISO, will support the local Business in Malaysia by understanding key business processes and critical systems to facilitate the identification of specific security needs and drive completion of projects and adoption of security procedures, policies and standards.
How you will create an impact
Responsible for providing security leadership, advice and counsel to executive management teams on security policy and practices; identifies exposures and threats and drives corrective plans based on risk.
Implement the Company’s information security strategy across the business environments.
Ensure the enterprise information security architecture and roadmaps are implemented and meet both business and information security objectives.
Help formulate and facilitate the effective implementation of relevant technology risk/information security standards required by the respective regulators (Eg RMiT Technology Risk Management Framework, and Cyber Resilience Framework) for the local entity.
Ensure security projects and activities are prioritized based on risk to the business unit, work with leadership team to develop risk management program to ensure the confidentiality, integrity, and availability of information owned, controlled, or processed by the Company.
Provide support to central team developing threat response and risk mitigation plans, including input into scenarios that involve invoking countermeasures and containment strategies.
Provide timely and regular updates to the regional and global information security leadership team.
Ensure security issues are addressed with timely, appropriate responses to minimize the impact to the Company, or its assets, customers, or reputation.
Monitor and evaluates risk performance metrics on key security issues and programs, recommends corrective action programs as appropriate, and drives remediation items to completion.
Actively contribute to the matters being discussed at the management committees (e.g. risk committee meetings, Board of Directors meeting) where information security is an invitee or a member, and where relevant, provide inputs of the matters under the information security purview.
Remain current on constantly emerging Cybersecurity and geopolitical threats to ensure continual protection of the Company’s assets, information, and reputation, ensuring the risk balance between risk posture and business agility.
What you'll need to succeed
Minimal a decade of full-time work experience in information security management and/or related functions (such as IT audit, information security consulting (in a global MNC) and IT Risk Management).
At least 2 or 3 years (respectively) holding a senior security leadership position at a global or regional-sized company.
A background in technical IT roles such as IT architecture, engineering, development, or operations, with an overarching information security oversight.
Prior experience leading moderate size security teams with a strong track record of success in complex environments
Information security related certification (formally certified) from ISC2, ISACA, SANS, ISO etc will be useful
Experience in financial or insurance industry preferred, with an in-depth understanding of the relevant local regulatory requirements.
Ability to work locally without need for visa/work permit sponsorship.
Core skills
Ability to think-on-your-feet and demonstrate strategic acumen in managing local requirements.
Managing various local stakeholders’ expectations while adhering to AIG’s global processes.
Ability to communicate effectively, the various security risks in business terms, to all levels of the organization.
Excellent written and verbal communications.
Prior experience in team leadership and management.
Strong analytical thinking, initiative and due diligence done for areas of responsibilities when engaging with stakeholders.
Good-to have
Understanding of SOC processes, threat hunting tools, SIEM, SOAR and leading a SOC team.
Knowledge of security metrics and Key Security Risk indicators and how to implement them.
Reimagining insurance to make a bigger difference to the world
American International Group, Inc. (AIG) is a global leader in commercial and personal insurance solutions; we are one of the world’s most far-reaching property casualty networks. It is an exciting time to join us — across our operations, we are thinking in new and innovative ways to deliver ever-better solutions to our customers. At AIG, you can go further to support individuals, businesses, and communities, helping them to manage risk, respond to times of uncertainty and discover new potential. We invest in our largest asset, our people, through continuous learning and development, in a culture that celebrates everyone for who they are and what they want to become.
Welcome to a culture of belonging
We’re committed to creating a culture that truly respects and celebrates each other’s talents, backgrounds, cultures, opinions and goals. We foster a culture of inclusion and belonging through our flexible work arrangements, diversity and inclusion learning, cultural awareness activities and Employee Resource Groups (ERGs). With global chapters, ERGs are a cornerstone for our culture of inclusion. The diversity of our people is one of AIG’s greatest assets, and we are honored that our drive for positive change has been recognized by numerous recent awards and accreditations.
AIG provides equal opportunity to all qualified individuals regardless of race, color, religion, age, gender, gender expression, national origin, veteran status, disability or any other legally protected categories.
AIG is committed to working with and providing reasonable accommodations to job applicants and employees with disabilities. If you believe you need a reasonable accommodation, please send an email to candidatecare@aig.com .
Functional Area:
IT - Information Technology
Estimated Travel Percentage (%): No Travel
Relocation Provided: No
AIG Technologies (Malaysia) Sdn Bhd
